>From - Sat Mar 02 00:57:28 2024
Received: by 10.36.23.5 with SMTP id 5mr146140nzw.1168636019908;
Fri, 12 Jan 2007 13:06:59 -0800 (PST)
Received: from 74.106.212.207 by v45g2000cwv.googlegroups.com with HTTP;
Fri, 12 Jan 2007 21:06:46 +0000 (UTC)
From: reginal..._at_hotmail.com
To: "TSCM-L Professionals List" <TSCM-..._at_googlegroups.com>
Subject: RFID Hazards - Part 2
Date: Fri, 12 Jan 2007 13:06:46 -0800
Message-ID: <1168636006.077004.223830_at_v45g2000cwv.googlegroups.com>
User-Agent: G2/1.0
X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; MSN 6.1; MSNbMSFT; MSNmen-ca; MSNc00; MSNc00),gzip(gfe),gzip(gfe)
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Continued from Part 1
"....
APPLY NETWORK AND WEB SERVER SECURITY TECHNIQUES TO YOUR RFID
MIDDLEWARE AND DATABASE
Most of the security risks in the middleware are the same as in
traditional networks. For instance, processing incoming data from the
reader to the database requires the same security precautions as a Web
server receiving untrusted user input. SQL injections, common Web
server attacks, are also possible on an RFID system that does not check
inputs to ensure that they are in the correct form. Secure coding
practices during the software development cycle (SDLC) can prevent
this. Integrity of the back-end database will also become very relevant
as corportations look to incorporate their supply chain with partners
without revealing proprietary information. A corrupt back-end database
could wreak havoc on an entire supply chain, negating any efficiency
that the RFID system originally provided.
Middleware attack scenario: An attacker writes a virus onto an RFID
tag. This virus is meant to extract information from the database, send
it to the attacker, and corrupt the database. The attacker brings the
virus tag into the store, where it gets read by any one of the readers.
The middleware doesn't check the format of the data tag but simply
processes the raw data, which is executable code, and the virus takes
hold. The database starts reporting incorrect information, and goods
get moved to the wrong places, resulting in overstocked warehouses or
empty shelves.
CURRENT WEAKEST LINK IN THE SECURITY CHAIN RFID TAGS
RFID tags, especially the passive ones, are different from traditional
computing because of their limited power and communication abilities.
For example:
- Passive RFID tags provide little or no confidentiality protection.
Passive RFID technology has very limited memory and severely limited
processing power. In fact, commercial passive RFID tags can't
authenticate the reader - - making them readable to anyone, thus
potentially revealing private information. Conversely, readers are also
susceptible to fraudulent,cloned RFID tags because the tag cannot
perform enough calculations to prove its identity. Academics are
working with commercial organizations like RSA to provide
authentication mechanisms that can fit within the passive RFID
restrictions, but they are not yet available. Active tags, though, tend
to have greater computation power and storage, so they can already use
standard cryptographic protocols to provide confidentiality.
Tag confidentiality scenario: A retail store has deployed an
RFID-enabled shelf display for razors to monitor stock levels and
prevent theft. An attacker who eavesdrops on the communication between
the tag and the shelf reader can write identical tags, drop them on the
shelf, and remove the razors. The attacker then destroys the razors'
real RFID tags and walks out of the store, but the shelf reader still
believes that all of the razors are present on the shelf, defeating the
original goals of preventing theft and monitoring stock levels.
It's not easy to see if someone has modified data on an RFID tag. Most
tags' data can be maliciously modified or deleted using a low-cost tag
writing device. Some passive tags can only be written once, ensuring
their permanent integrity, whereas active tags can be deployed with the
expectation that the data will change over time. Integrity is
particularly important when integrating with partners in the supply
chain. While you may want partners to read your tags, you might not
want them to change the data, and you must prevent them from doing so,
even accidentally.
- Tag integrity attack scenario: An attacker walks through your
warehouse of perishable food items monitored by sensors and RFID tags
and uses a handheld reader/writer to change the harvest date. The
attacker could change the date to a week earlier, marking the food as
stale or the goods as being a week fresher than they actually are.
Either way, the warehouse employees relying on this information will
dispose of the fresh product or send rancid products to the store for
sales, wasting money and injuring your reputation.
....."
Continued in Part 3
Reg Curtis/VE9RWC
Received on Sat Mar 02 2024 - 00:57:28 CST
This archive was generated by hypermail 2.3.0
: Sat Mar 02 2024 - 01:11:46 CST